package com.by.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@EnableGlobalMethodSecurity(prePostEnabled = true)//开启权限注解支持
public class HelloController {

    @RequestMapping("/aaa")
    @PreAuthorize("hashAuthority('aaa')")
    public String aaa() {
        return "aaa";
    }

    @RequestMapping("/bbb")
    @PreAuthorize("hashAuthority('bbb')")
    public String bbb() {
        return "bbb";
    }

    @RequestMapping("/ccc")
    @PreAuthorize("hasRole('ADMINISTRATORS')")
    public String ccc() {
        return "ccc";
    }
}
